<?php
	
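	header("Content-type:text/html;charset=utf8");

	// error_reporting(0);

	// Read a POST field as a string. A missing or array-valued field becomes ''
	// instead of raising an undefined-index notice or an array-to-string conversion.
	$postString = function ($key) {
		return (isset($_POST[$key]) && is_string($_POST[$key])) ? $_POST[$key] : '';
	};

	// Receive the form data. Everything here is attacker-controlled and must
	// never be concatenated into SQL or used to build a file name.
	$bookname = $postString('bookname');
	$author = $postString('author');
	$cbs = $postString('cbs');
	// NOTE(review): the form also posts 'publicdate', but the INSERT below has no
	// column for it (the 'public' column receives $cbs) - confirm this is intended.
	$price = $postString('price');
	$desc = $postString('desc');

	// Numeric fields: validate before touching the filesystem or the database.
	// An unchecked "switch" checkbox is simply absent from the request, so a
	// missing/empty/'0' value maps to 0 exactly as the original ternary did.
	$catagory = filter_var($postString('catagory'), FILTER_VALIDATE_INT);
	$switchRaw = $postString('switch');
	$switch = ($switchRaw === '' || $switchRaw === '0')
		? 0
		: filter_var($switchRaw, FILTER_VALIDATE_INT);

	// Non-numeric values previously produced a broken (or injected) statement;
	// they are now rejected with the existing failure message.
	if (!is_numeric($price) || $catagory === false || $switch === false) {
		die('新增失败！');
	}

	// ---- Image upload ----------------------------------------------------

	$dirname = '../upload';
	if (!is_dir($dirname)) {
		// Explicit mode instead of the 0777 default. A failure here surfaces
		// below because move_uploaded_file() will return false.
		@mkdir($dirname, 0755);
	}

	// Allowlist of accepted image types and the extension stored for each.
	// The extension is taken from the detected file content, never from the
	// client-supplied file name, so an upload cannot choose its own extension
	// (e.g. a server-side script type) inside a web-served directory.
	// Deployment note: the upload directory should additionally be configured
	// so the web server does not execute scripts from it.
	$allowedTypes = [
		IMAGETYPE_JPEG => 'jpg',
		IMAGETYPE_PNG => 'png',
		IMAGETYPE_GIF => 'gif',
	];

	$photo = isset($_FILES['photo']) ? $_FILES['photo'] : null;
	$newPath = '';
	$res = false;

	if (is_array($photo)
		&& isset($photo['error'], $photo['tmp_name'])
		&& $photo['error'] === UPLOAD_ERR_OK
		&& is_uploaded_file($photo['tmp_name'])
	) {
		// getimagesize() emits notices on malformed data; a false return is the
		// signal handled here, so the notice itself is suppressed.
		$imageInfo = @getimagesize($photo['tmp_name']);

		if ($imageInfo !== false && isset($allowedTypes[$imageInfo[2]])) {
			// time() alone collides when two uploads land in the same second and
			// the later one would overwrite the earlier file; uniqid() separates them.
			$newPhotoName = time() . '_' . uniqid();

			// Full path on disk.
			$newPath = $dirname . '/' . $newPhotoName . '.' . $allowedTypes[$imageInfo[2]];

			// Move the upload into place.
			$res = move_uploaded_file($photo['tmp_name'], $newPath);
		}
	}

	if (!$res) {
		echo '图片上传失败';
		// Do not store a path to a file that was never written.
		$newPath = '';
	}


	//////////////////////////////////////////////////////////////////

	// Connect to the database (this include is expected to define $conn).
	include '../include/common.php';

	$now = time();

	// Strip the leading "../" so the stored path is relative to the site root.
	$photoPath = ($newPath === '') ? '' : substr($newPath, 3);

	// INSERT with bound parameters: user input is sent separately from the
	// statement text, so it cannot alter the query structure.
	$query = 'INSERT INTO book(name,author,public,price,catagory,ishow,description,photo,dt) VALUES (?,?,?,?,?,?,?,?,?)';

	$stmt = mysqli_prepare($conn, $query);
	if (!$stmt) {
		die('新增失败！');
	}

	// price is bound as a string (already checked with is_numeric) so that a
	// decimal value is not passed through a PHP float on its way to the column.
	mysqli_stmt_bind_param(
		$stmt,
		'ssssiissi',
		$bookname,
		$author,
		$cbs,
		$price,
		$catagory,
		$switch,
		$desc,
		$photoPath,
		$now
	);

	// Execute the statement.
	mysqli_stmt_execute($stmt);

	// Rows affected by this statement (-1 on error).
	$res = mysqli_stmt_affected_rows($stmt);
	mysqli_stmt_close($stmt);

	// NOTE(review): the stored text fields are raw user input; whichever page
	// renders them should HTML-escape on output - verify in the listing page.
	if ($res > 0) {
		echo '新增成功！<a href="add.php">继续新增</a>，<a href="list.php">回到列表</a>';
	} else {
		die('新增失败！');
	}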


	
?>